Assistant Manager, Vendor Risk Continuous Monitoring Program

About the Role:

Grade Level (for internal use):

10

S&P Global Corporate

The Role: Assistant Manager, Vendor Risk Continuous Monitoring Program

We are looking for a proactive and experienced Lead who would lead Vendor Risk Continuous Monitoring & Affiliate program within Vendor Risk Management (VRM) program. This role will be responsible for overseeing and managing the vendor risk monitoring program and the Team, managing affiliate risk assessments, and driving key governance initiatives such as Open Issue Governance, Risk Acceptance, and Adverse Event Management. The ideal candidate will have extensive experience in third-party risk management, strong leadership skills, and a deep understanding of industry regulations, risk frameworks, and governance processes.

The Team: Vendor Risk Management is a critical function that organizations globally are increasingly focusing on. Our team ensures thorough reviews of each vendor engaged globally, supporting the business in making risk-informed and data-driven decisions.

We collaborate closely with Business Units and Risk Domain Subject Matter Experts (SMEs), such as Cyber Risk, to conduct assessments and recertifications in compliance with regulatory requirements. When issues are identified, VRM team is responsible for ensuring risk mitigation and providing feedback to leadership before engaging with the vendor.

Responsibilities and Impact: Working in Vendor Risk Management Team provides the opportunity to continuously improve processes in response to the evolving requirements of various regulators. This dynamic environment offers ample opportunities to expand your knowledge and expertise.

In addition to conducting risk assessments, the vendor risk monitoring program, managing affiliate risk assessments, and driving key governance initiatives, you will have the chance to contribute to various projects, enabling you to showcase and further develop your skills and experience.

Key responsibilities:

• Conduct comprehensive risk assessments of third-party vendors, ensuring alignment with organizational risk tolerance and standards. Evaluate financial, operational, cyber, compliance and privacy risks associated with each vendor relationship.
• Manage the continuous monitoring of vendor and affiliate risks, ensuring timely identification and assessment of any emerging risks.
• Oversee and manage the affiliate risk assessment program, ensuring that risks related to third-party affiliates are identified, evaluated, and mitigated.
• Manage open issues identified during Vendor and Affiliate assessments.
• Ensure that open issues are tracked, managed, and resolved within agreed timelines, and provide regular updates to leadership on the status of these issues.
• Manage the process for evaluating and documenting risk acceptance for vendors.
• Ensure that all risk acceptance decisions are properly documented, justified, and aligned with the organization’s risk appetite and governance policies.
• Manage the identification, reporting, and resolution of adverse events related to vendor.
• Work with relevant teams to assess the impact of adverse events, ensure timely remediation, and minimize any negative consequences to the organization.
• Prepare and present detailed reports and dashboards on vendor and affiliate risk monitoring, open issue management, risk acceptance, and adverse events to senior leadership
• Work with vendors and internal teams to develop risk mitigation plans and track remediation efforts for any identified issues or non-compliance.
• Collaborate with Cyber Risk/Information Security, Business Continuity, Procurement, Compliance and other Domain SMEs to ensure correct risk level is documented in the Vendor Risk Assessment results and track the progress.
• Lead and support enhancement projects within Vendor Risk Management to meet various business and regulatory requirements.
• Identify opportunities to streamline risk assessment processes and improve the overall effectiveness of the Vendor Risk Management program.
• Assist the team members in balancing the load and managing Ad-hoc projects.

What We’re Looking For:

Basic Required Qualifications:

• Professional with Vendor Risk Management background, having good experience in conducting vendor risk assessments, or related fields (e.g., compliance, audit, or risk management, GRC) with at least 6-10 years of experience after Degree/Master’s 
• Should have experience in understanding and managing the risk for IT and Cloud based vendors.
• Strong knowledge of risk management frameworks, compliance regulations (e.g., GDPR, ISO 27001, SOC 2), and cybersecurity principles.
• Experience with vendor management tools, risk monitoring platforms, and relevant reporting systems.
• Should have understanding on the roles and responsibilities of different risk functions like Third Party Risk Management, QA Function, IT Risk, Operational Risk, Financial Risk, Internal Control, Internal audit, Privacy and Compliance etc.
• Should have good understanding in conducting financial, compliance, and privacy assessments.
• Excellent leadership, communication, and collaboration skills, with the ability to engage with stakeholders at all levels.
• Amenable for 2pm-11pm India Time

Additional Preferred Qualifications:

• This position is required to work in UK Shift; flexibility is a must, especially when it comes to vendor and internal meetings held during US business hours.
• Strong organizational skills with the ability to multitask and prioritize while maintaining close attention to detail.
• Ability to work in a fast-paced, evolving environment while maintaining attention to detail.
• Ability to build strategic partnerships with internal stakeholders.
• Must be a critical thinker with strong qualitative skills.
• Information Security/Risk Management certification would be an advantage.

What’s In It For You?

Our Purpose:

Progress is not a self-starter. It requires a catalyst to be set in motion. Information, imagination, people, technology–the right combination can unlock possibility and change the world.

Our world is in transition and getting more complex by the day. We push past expected observations and seek out new levels of understanding so that we can help companies, governments and individuals make an impact on tomorrow. At S&P Global we transform data into Essential Intelligence®, pinpointing risks and opening possibilities. We Accelerate Progress.

Our People:

We're more than 35,000 strong worldwide—so we're able to understand nuances while having a broad perspective. Our team is driven by curiosity and a shared belief that Essential Intelligence can help build a more prosperous future for us all.

From finding new ways to measure sustainability to analyzing energy transition across the supply chain to building workflow solutions that make it easy to tap into insight and apply it. We are changing the way people see things and empowering them to make an impact on the world we live in. We’re committed to a more equitable future and to helping our customers find new, sustainable ways of doing business. We’re constantly seeking new solutions that have progress in mind. Join us and help create the critical insights that truly make a difference.

Our Values:
 

Integrity, Discovery, Partnership

At S&P Global, we focus on Powering Global Markets. Throughout our history, the world's leading organizations have relied on us for the Essential Intelligence they need to make confident decisions about the road ahead. We start with a foundation of integrity in all we do, bring a spirit of discovery to our work, and collaborate in close partnership with each other and our customers to achieve shared goals.

Benefits:

We take care of you, so you can take care of business. We care about our people. That’s why we provide everything you—and your career—need to thrive at S&P Global.

Our benefits include: 

• Health & Wellness: Health care coverage designed for the mind and body.

• Flexible Downtime: Generous time off helps keep you energized for your time on.

• Continuous Learning: Access a wealth of resources to grow your career and learn valuable new skills.

• Invest in Your Future: Secure your financial future through competitive pay, retirement planning, a continuing education program with a company-matched student loan contribution, and financial wellness programs.

• Family Friendly Perks: It’s not just about you. S&P Global has perks for your partners and little ones, too, with some best-in class benefits for families.

• Beyond the Basics: From retail discounts to referral incentive awards—small perks can make a big difference.

For more information on benefits by country visit: https://spgbenefits.com/benefit-summaries

Inclusive Hiring and Opportunity at S&P Global:

At S&P Global, we are committed to fostering an inclusive workplace where all individuals have access to opportunities based on their skills, experience, and contributions. Our hiring practices emphasize fairness, transparency, and equal opportunity, ensuring that we attract and retain top talent. By valuing different perspectives and promoting a culture of respect and collaboration, we drive innovation and power global markets.

-----------------------------------------------------------

Equal Opportunity Employer

S&P Global is an equal opportunity employer and all qualified candidates will receive consideration for employment without regard to race/ethnicity, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, marital status, military veteran status, unemployment status, or any other status protected by law.  Only electronic job submissions will be considered for employment.  

 

If you need an accommodation during the application process due to a disability, please send an email to: EEO.Compliance@spglobal.com and your request will be forwarded to the appropriate person.  
 
US Candidates Only:  The EEO is the Law Poster http://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf describes discrimination protections under federal law.  Pay Transparency Nondiscrimination Provision - https://www.dol.gov/sites/dolgov/files/ofccp/pdf/pay-transp_%20English_formattedESQA508c.pdf

-----------------------------------------------------------

202 - Middle Professional (EEO Job Group) (inactive), 20 - Professional (EEO-2 Job Categories-United States of America), RSKMGT202.1 - Middle Professional Tier I (EEO Job Group)